THE IEEE Standards Association has launched its own anti-malware support service (AMSS) to give software creators a better chance of protecting themselves against malware authors.
The IEEE established the service due to the growing sophistication of malware architects engaged in "the art of evasion", it said, meaning that zero-day and targeted attacks are going undetected.
In a bid to "increase the availability of and access to stronger cryptographic and metadata cybersecurity tools and resources", IEEE's AMSS service has been developed by the firm's Industry Connections Security Group (ICSG) and has brought together "key computer security stakeholders" in the development of the new cryptographic and metadata tools.
"Software packer and obfuscator companies often feel abused by malware authors," said ICSG chairman Mark Kennedy. "By working collaboratively, the security industry can apply economic pressure to the malware industry that couldn't be achieved independently."
IEEE's ICSG was formed to bring security vendors together to cooperate and address "common issues" such as malware authors hijacking legitimate programs in the software market. As a result, AMSS will provide a set of shared support services that ICSG claims will help mitigate the spread and effects of "rapidly mutating malware threats".
The first two AMSS services, the Clean File Metadata Exchange (CMX) service and the Taggant system are already available and the IEEE said that additional services are planned for the future.
AMSS' CMX service gives users real-time information about clean files using metadata like hashes, filenames, directory paths, signatures, and version information submitted by software providers.
"With its pass-through model, the system authenticates the data and allows security products and services to retrieve the verified data for use in their own ecosystems," the IEEE explained. "By providing a single, shared repository of critical information, CMX streamlines the process of verifying clean files, reducing false positives detected by anti-virus software and the delay between threat discovery and whitelist updating."
The Taggant system places a cryptographically secure marker in packed and obfuscated files generated by commercial software distribution packer programs. The system can then detect which user license key was used to create packed software, including packed malware, making it easier to trace the origin of obfuscated programs.
"Once detected and identified, malicious license keys can be blacklisted, preventing further use," IEEE added.
IEEE's AMSS service isn't free, however, and is available on an annual subscription basis that provides access to both the CMX and Taggant systems. µ
Sign up for INQbot – a weekly roundup of the best from the INQ